Trying to use LTI 1.3 but having trouble with authentication. Keep getting 404s.
Hello,
I'm trying to get our tool to work with 1.3 and brightspace. I'm currently trying to implement openid to autheticate with.
Brightspace gets to my auth method fine but when I try to redirect the user to the openid auth endpoint I keep gettings 404. Checking your help it says to check I have all parameters correct which I believe I do.
Can anyone see anything wrong with this redirect?
https://pebble.d2l-partners.brightspace.com/d2l/lti/authenticate
?scope=openid
&response_type=id_token
&client_id=********
&redirect_uri=https%3a%2f%2fsdavies2-pc.pebblelearning.lan%2flogin%2fopenid%2fredirect
&login_hint=*******
&state=testingState
&response_mode=form_post
&nonce=1234567890
&prompt=none
Regards,
Steven
Answers
-
I've worked this out. The call above required lti_message_hint to be included also.
Can't see where this is in any documentation, its not in the IMS spec.
-
Hi,
For future reference, lti_message_hint is defined in the core LTI spec here. It's an optional field that we include in the login initiation request so it has to be sent back.
-
Thanks, I was going by this page which doesn't mention it
https://www.imsglobal.org/spec/security/v1p0/#step-2-authentication-request
